The Israeli National Cyber Directorate’s Director General, Gaby Portnoy, delivered a compelling speech at the Cybertech Conference, shedding light on the alarming surge in cyber attacks during the ongoing conflict. Portnoy revealed startling details about the hacker group known as “Black Shadow,” which operates under the guise of a private company in Tehran but is, in fact, affiliated with the Iranian Ministry of Intelligence.

During the conflict, Portnoy emphasized that alongside military operations on various fronts, Iran and Hezbollah orchestrated relentless cyber assaults against Israel. The collaboration between these two entities became particularly evident in the coordinated attack on Ziv Hospital in Safed. Portnoy disclosed that the Black Shadow group, also referred to as “Agrius” and “Malek Team,” has masqueraded as “Jahat Pardaz,” an IT and software company since its establishment in 2013.

Portnoy underscored the group’s recent targeting of multiple sectors in Israel, spanning academia, tourism, media, finance, transportation, health, government, and technology. However, despite their increased activity during the conflict, the group’s ability to inflict significant economic damage has been compromised due to its exposure in Iranian media outlets, notably the “Iran International” news website, which has unveiled their clandestine operations essential for offensive cyber activities.

While acknowledging the current threats, Portnoy expressed concerns about potential unseen dangers and contemplated the nature of future cyber surprises. He raised questions about the implications of AI-empowered influence campaigns, emphasizing the risks they pose to digital trust and functional continuity. In an era where the loss of trust can have severe consequences for governments and digital services, Portnoy cautioned against the potential repercussions.

The Israeli cybersecurity industry stands at the forefront of this escalating cyber warfare, bolstering its capabilities to counteract the mounting Iranian-led hacking attacks. As the conflict persists, the need for robust cybersecurity measures becomes increasingly paramount, ensuring the protection of critical infrastructure, national security, and digital trust in the face of evolving cyber threats.